01-30-2006 11:08 AM - edited 07-04-2021 11:34 AM
This is how our setup is like:
Laptops => Cisco 1100 AP(static IP) => Wired LAN (Subnet 1) => Cisco Router => Wired LAN (Subnet 2) => DHCP server
What i would like is that the DHCP-request from our laptops is forwarded/relayed through the AP and Router to the DHCP-server and back.
We dont want to use the AP's internal DHCP server but centralise this.
At the moment i'v configured the AP through CLI and added the following command: ip dhcp-server xx.xx.xx.xx
Where xx is the IP of the DHCP server
On the Router i'v added the command ip helper-address xx.xx.xx.xx
Where xx is the IP of the DHCP server
Don't know if this is the correct way, but i do know it isn't working.
Some help is realy appreciated.
Grx,
Joris
01-30-2006 01:42 PM
With your setup you don't need any DHCP configuration on the AP.
The AP works as bridge between the radio IF and the Ethernet IF,
this includes DHCP.
Just as you wrote configure "ip helper-address ..." on the router's
IF connected to Subnet 1. Make sure DHCP is enabled on the router,
("service dhcp" is default, invisible in the config).
01-31-2006 12:41 AM
So yust remove the "ip dhcp-server" command in the AP and setup the LAN side with a static IP (like i have done already). This should do the trick?
And on the 3600 router i have to use the "ip helper-address" command to forward the request.
But, then what is the AP's "ip dhcp-server" command good for? When should i use it?
01-31-2006 06:42 AM
If you are using DHCP to assign an IP address to your AP, i.e.
interface BVI 1
ip address dhcp
you can limit the DHCP servers from which the AP accepts
DHCP leases with "ip dhcp-server x.x.x.x".
01-31-2006 06:31 AM
Ok, i'v fixed that problem by configuring a right scope.
Next major problem that's bothering me the whole day.
The DHCP server has to be placed behind a Windows 2003 server with router functionality. This server will be promoted to an ISA server later in the project. First we have to setup the connection properly.
I'v setup the 3600 router with the approperiate "ip helper-address xx.xx.xx.xx" command. This works.
The DHCP server that's going to serve the IP-addresses is placed behind a Windows 2003 server with DHCP-relay installed.
Interface 1 of the Windows 2003 Router is connected to the Cisco router, interface 2 is connected to the subnet where the DHCP server resides. This Windows 2003 router has to forward the already forwarded DHCP request to the correct DHCP server.
That's the problem, i don't know how to let Windows 2003 correctly forward the Cisco router's DHCP request.
HELP ;)
01-31-2006 07:33 AM
I'm not familiar with Windows DHCP server, but I guess
it supports standard DHCP including evaluating the
giaddr field from the DHCP relay.
You only need one DHCP relay (your Cisco router).
Between the router and your DHCP server the DHCP traffic
is unicast, so you have to make sure that the routing
between the DHCP server and the router's IP (giaddr)
in your Subnet 1 works.
01-31-2006 07:48 AM
Are you able to present me with some tips to check that connectivity is correct? We tryied to ping the DHCP server from the router and that seemed to work.
Maby were missing something.
01-31-2006 10:55 AM
You need at least the following connectivity for DHCP relay to work.
Between the DHCP relay agent and the DHCP server:
- UDP Port 67 <-> UDP Port 67
Between the DHCP server and the DHCP client:
- UDP Port 67 <-> UDP Port 68 (renewing/releasing a lease)
- ICMP echo (Most DHCP servers check if an IP is still free)
On the Cisco router you can use some debugging commands
to check that relaying works.
(This might produce a lot of output, careful on a production system.)
#term mon
#debug ip dhcp server packet
#debug ip dhcp server events
For Subnet 1 with the router's IP 10.0.0.1 and two configured
DHCP servers (192.168.0.1, 192.168.9.1) as "ip helper" a successfull
exchange looks like this:
DHCPD: DHCPREQUEST received from client 0100.aabb.bbcc.cc.
DHCPD: setting giaddr to 10.0.0.1.
DHCPD: BOOTREQUEST from 0100.aabb.bbcc.cc forwarded to 192.168.0.1.
DHCPD: BOOTREQUEST from 0100.aabb.bbcc.cc forwarded to 192.168.9.1.
DHCPD: forwarding BOOTREPLY to client 00aa.bbbb.cccc.
DHCPD: Forwarding reply on numbered intf
DHCPD: creating ARP entry (10.0.0.49, 00aa.bbbb.cccc).
DHCPD: unicasting BOOTREPLY to client 00aa.bbbb.cccc (10.0.0.49).
#undebug all
I would also try to ping the router's IP in Subnet 1 and a client
with a fixed IP in Subnet 1 from the server. (The DHCP server uses
this to check if a lease is actually free before handing it out)
Otherwise it's time for packet sniffing on the DHCP server
and the client. (snoop, tcpdump, ethereal)
02-01-2006 03:07 AM
Were debugging right now.
We checked the routes (OK) pinging in both ways, server to client(with static IP at the moment) and back (OK)
Still our client gets no IP when set to auto
Our result is as following:
DHCPD: setting giaddr to 10.6.32.1
DHCPD: BOOTREQUEST from 0100.aabb.bbcc.cc forwarded to 10.6.0.2
And this ofcourse with the right MAC (to much typing)
Nothing comes back to the router, but we know the routes are confirured correctly.
Now what? Were stuck here.
01-31-2006 09:37 AM
Additional question1:
What exactly do you mean with "giaddr"? An how can i check that this is setup and routed correctly?
Additional question2:
Is it possible for routers (non Cisco, Windows) to reroute the request to other subnets (this is what we need)?
01-31-2006 10:58 AM
giaddr is a field in the DHCP packet. It contains the IP address
of the DHCP relay agent. In your example it's the router's IP
in Subnet 1. The DHCP server uses this to find the right
DHCP-pool and as destination address for its answers.
Not sure what exactly you mean by "reroute the request to other subnets".
But if you mean is it possible to use one DHCP server for several
subnets, the answer is yes. DHCP-pool and reply address can be
evaluated from the "giaddr" field in the DHCP packet. The rest
is simple IP routing between the DHCP server and the DHCP relay agent.
Basically you need routing for every subnet between the DHCP server and the relay.
01-31-2006 11:16 AM
Thx for the great responce so far.
I am at home right now, so testing is the first thing i'll be doing in the morning.
More to come tomorrow.
Grx,
Joris
02-01-2006 04:01 AM
Were debugging right now.
We checked the routes (OK) pinging in both ways, server to client(with static IP at the moment) and back (OK)
Still our client gets no IP when set to auto
Our result is as following:
DHCPD: setting giaddr to 10.6.32.1
DHCPD: BOOTREQUEST from 0100.aabb.bbcc.cc forwarded to 10.6.0.2
And this ofcourse with the right MAC (to much typing)
Nothing comes back to the router, but we know the routes are confirured correctly.
Now what? Were stuck here.
02-01-2006 04:23 AM
Were monitoring the DHCP server right now and it recieves DHCPdiscover packets from the Cisco relaying router and nothing else. No offer, nothing. What could be the problem of this?
02-01-2006 06:02 AM
DHCPOFFER ist the reply from the DHCP server to the client.
The DHCP transfer works like this:
Client --DHCPDISCOVER--> DHCP relay agent --DHCPDISCOVER--> DHCP server
Client <---DHCPOFFER---- DHCP relay agent <---DHCPOFFER---- DHCP server
Client ---DHCPREQUEST--> DHCP relay agent ---DHCPREQUEST--> DHCP server
Client <----DHCPACK----- DHCP relay agent <----DHCPACK----- DHCP server
Looks like your DHCP server isn't answering the forwarded
DHCPDISCOVER from the client.
Does your DHCP server on 10.6.0.2 have a pool for the 10.6.32.0 net?
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: